CVE-2018-10423

Name of the Vulnerable Software and Affected Versions: MiniCMS version 1.10

Description: The issue allows remote attackers to obtain a directory listing of the top-level directory of the web root. This can be achieved by creating a link that becomes available after posting an article, specifically targeting the mc-admin/post.php file.

Recommendations: For MiniCMS version 1.10, consider restricting access to the mc-admin/post.php file to prevent unauthorized directory listings until a patch is available.